I have a significant problem with a WIndows 2003 SP2 (x86) server which has begun to run out of nonpaged pool memory every night when a backup runs. I am of the opinion that the problem is being caused when backup exec 10d initiates a volume snapshot even though OFO is not enabled.
PoolMon.exe is reporting that the tag "mmcm" is grabbing the vast majority of nonpaged memory when the problem happens. My understanding is that mmcm is the memory manager for contigouous memory, so the tag is not really helping me to identify the culprit. I am suspecting a DLL that is not being identified by pool tagging. (My understanding of the pool tagging and the reason that I cannot identify the culprit relates to the statement: "Remember that pool tagging applies only to memory that is allocated from the pool; physical pages mapped through PTEs are not subject to pool tagging. If MmAllocateContiguousMemory
maps physical pages through PTEs, the system does not tag the allocation and you won't be able to use Driver Verifier and other tools that monitor tagged memory allocations to help you in debugging.".
The server will start throwing event ID 2019 (nonpaged pool is out of memory) and the only thing that clears the problem is a reboot.
When the server is running happily the Nonpaged pool has approx. 50 MB in use, whereas when it is having problems the nonpaged pool utilization will reach approx. 129MB used with a limit of 130,784 K.
I have been able to isolate the time of the problem to begin roughly 30 minutes into a backup set.
To attampt to fix the problem I have applied an update rollup for Volume Shadow Copy Service as described in:
I also attempted to apply a hitfox for a memory leak as described "This problem occurs because of a memory leak in cryptographic services (Cryptsvc.dll). Any application that is using cryptographic services, such as the Volume Shadow Copy service, may experience this problem." in KB870973, however this hotfix was already superseded by another update.
In any case, the memory leak still occurs whenever a backup is executed. Symantec points to Volume Shadow Copy Servic e memory leaks as being responsible, however I've tried everything I can think of so for with no success.
The server has 4GB RAM and runs Exchange Server 2003. The Exchange BPA tool does not find any problems with the configuration.
In boot.ini I boot:
indows Server 2003" /maxmem=4096 /noexecute=optout /fastdetect /3GB USERVA=3030